Today RF location tags provide location services, in particular for mobile users. For example, a shopper walking down aisles of a store can receive location tags from a transmitter and, responsive to the shopper location, receive product coupons, product information, and more, for nearby products. When the shopper moves to a different location in the store and receives different location tags from a different transmitter, appropriate product coupons and product information can be sent base on the new location.
The location tags include a source address (e.g., a MAC, or media access control, address) which indicates which device sent out location tags. A user device can cross-reference source addresses with a server that stores locations of transmitters. The transmitter location is used as the presumed user location for the purpose of selecting data to send to a shopper. The source address field is unencrypted even if a corresponding payload is encrypted.
One vulnerability of the current RF location tags with unencrypted source addresses is spoofing by other hardware RF location devices. In more detail, other transmitters can transmit location tags using the same known source address.
Another vulnerability of the current RF location tags with unencrypted source addresses is snooping on a user device by other RF location software. For example, a first store mobile application on the user device can be snooped on by a second store mobile application executing in the background. Once locations of the first store transmitters are discovered and catalogued, the second store can then serve competing product coupons. When the user is near televisions in a first store, the second store mobile application can send coupons for its own televisions. Both hardware and software vulnerabilities erode reliability and security of RF location systems.
Therefore, what is needed is a technique that provides locations for users with secured location tags that cannot be snooped, emulated, or intercepted by unintended hardware and software processes.